Israeli-founded cybersecurity startup raises $40m to help mitigate threats to AI apps

Investment led by US VC firm CRV to help Legit Security boost sales, R&D and address the cyberthreat posed by AI and large language models in the development of applications

Sharon Wrobel is a tech reporter for The Times of Israel.

Founders of cybersecurity startup Legit Security (right to left): Liav Caspi, Roni Fuchs, and Lior Barak. (Omer Hacohen)
Founders of cybersecurity startup Legit Security (right to left): Liav Caspi, Roni Fuchs, and Lior Barak. (Omer Hacohen)

Israeli-founded cybersecurity startup Legit Security said Wednesday it has nabbed $40 million from investors to help businesses protect their generative AI-based applications from malicious threat attacks and security breaches.

The Series B funding round was led by US venture capital firm CRV with participation from existing investors Israeli VC fund Cyberstarts, international investment firm Bessemer Venture Partners, and Silicon Valley VC firm TCV. The fresh capital bumps up Legit Security’s total funds raised to date to $77 million.

In recent months, a flurry of Israeli-founded cybersecurity startups looking to develop solutions to meet the fast-growing security needs of businesses has been succeeding in raising capital as the space is capturing the interest of private investors despite a global tech funding crunch.

Businesses increasingly rely on software to do business and the digital transformation is shifting data centers to the cloud. The rapid pace of change has also opened up more unprotected attack channels that cybercriminals have been targeting.

Headquartered in Palo Alto, California, Legit Security was founded in September 2020 by CEO Roni Fuchs, CTO Liav Caspi, and VP of R&D Lior Barak, graduates of the Israeli Defense Force’s Unit 8200. The startup has developed a security platform that it says helps businesses and organizations protect software supply chains and applications from threat attacks by discovering and mitigating vulnerabilities from the stage of code development to cloud deployment. Among Legit Security’s customers using the platform are Google, NYSE, Kraft Heinz, Takeda Pharmaceuticals, and additional Fortune 500 enterprises.

A software supply chain is the ecosystem of systems, infrastructure, processes, and people involved in developing software. Legit Security’s platform scans software development pipelines for gaps and leaks, as well as development infrastructure and systems within those pipelines. By 2025, about 45% of enterprises and organizations worldwide will have experienced attacks on their software supply chains, a threefold increase from 2021, according to a Gartner report.

The startup said it will use the Series B funds to expand “sales, marketing and R&D, as well as address the emerging threat of Artificial Intelligence and Large Language Models (LLMs) in the development of new applications.”

Software development teams are increasingly leveraging AI-generated code and embedding LLMs in their applications, “but these AI technologies are also introducing a rapidly expanding class of new security threats,” Legit Security said in a statement.

“We founded Legit Security with the mission to secure the world’s software with a platform that continuously manages application security from code to cloud,” said Fuchs. “With this investment our mission gains additional traction and speed, including new capabilities to extend visibility, security and governance to AI-generated code and embedded Large Language Models (LLMs) in applications.”

The move comes as more and more software developers working in cloud environments are using AI-based code assistants such as GitHub Copilot or Tabnine, opening up a range of new risks to data privacy and the protection of sensitive data. As a result, big tech companies such as Apple and Samsung are reportedly restricting their employees from using generative AI tools like OpenAI’s ChatGPT and AI code assistants to prevent private information leaks.

Most Popular
read more: